Internet and Security
The indisputable advantage of the Internet is our possibility to receive the necessarry information from any continent promptly and simply on the condition that we have access to a computer providing the service. One workstation computer connected into the network allows connection with all servers.
But this also means that the computer providing the service will be open (accessible) to more than ten million users. If the computer(s) are not connected to the internal network of the institution (establishment), no problems will occur. In that case, users from without will only have access to the information intended for public use. But when connecting the internal network with the server that has joined the Internet the user is given the possibility to access information not intended to publisize. Even one computer of the internal network will give such an opportunity.
The spreading of the Internet and the rapid growth of its number of users is making obvious the fact that even the global virtual society has its own `underworld´ trying illegally to access information not for public use either free of charge or at someone else's expense.
In Budapest, two forums concerning the question of the security of the Internet have been held: 1) Secure Internet organised by the corporation ICON (on April 4, 1996 ) and 2) Digital Signature organised by the Hungarian Data Processing Chamber. The following is based on the materials of these forums.
1. Why is protection needed?
In order to see what should be done in the field of network security on a server it should be made clear from whom does the network need protection.
1.1. The simplest occasion: the `assault´ comes from without
Among the 94 million terminal users there are always ones who wish to acquire information illegally, and, in worse cases, to deliberately do harm. According to the information provided by Data Communications, the databases of every fifth company that has joined the Internet have been broken in to. Since the Internet is an open network with many ways of access, the intruder can easily conceal oneself and commit vandalisms anonymously.
The following classification of intruders has formed in the USA:
Hacker - the intrusion is not strictly illegal or malevolent but rather in search of data or software disregarding or haphazardly interpreting copyright laws.
Cracker - the activities may cause more serious technical problems, may cause harm (interfering with the systems' work routine, re-programming, blocking, halting them). He need not have a definite aim, doing so just because he knows how to do it.
Phreak - telephone line thief using the telecommunications free of charge or at someone else's expense.
In addition to individual intruders a serious danger comes from those representing organisations. Of these the organised crime and groups collecting international data should be mentioned. Illegal use from without can easily harm numeric information - accountancy data can be modified or deleted and business secrets disclosed. The fact of intrusion itself will have a negative impact on the company's good reputation, and in case a bank has been intruded, the impact will be catastrophic. The most common means are the skilful use of operating system and program bugs, finding out the `loopholes´ resulting from configuration mistakes, the use of protocol mistakes and internal security defects.
1.2. A more complicated occasion: intrusion coming from within
The cases of intrusion by company personnel should not be overlooked. According to an American Bar Association inquiry, 78 per cent of computer crimes are committed by the personnel of the aggrieved company.
The inquiries by the United States Department of Trade have shown that 40 per cent of the personnel are honest under any circumstances, 30 per cent are capable of a crime under certain conditions and 30 per cent constantly seek a possibility to acquire information illegally, that is, a third of the personnel go in for theft.
Information is collected for the benefit of rival companies and for that kind of activities even the leader of a company can be held responsible.
2. Possibilities of protection
The handiestbut not always the most rational possibility is keeping the internal database separate from the external, including the Internet. This possibility, however, offers no protection against misuse from within.
If the internal database is connected to the Internet, there is no 100 per cent certain protection although security systems have been created. Two principles should be followed: - the chance of illegal access has to be debarred (both from within and from without) - the use of the network has to be electronically and continuously inspected and analysed so that malevolent activities could be eliminated instantly
The majority of companies makes a mistake when connecting the internal network with the Internet and neglecting the question of the security system until after a possible intrusion.
2,1,. The cornerstones of a secure infosystem
The analysis of risk factors: measuring values and dangers; how great would the losses be in case of an intrusion, what should be the optimal sums spent on security.
The elaboration of a security policy: who will be allowed to use the system, what should be considered proper use of it, who will be authorized to use it; the rights and obligations of system administrators, the rights and obligations of users; how should confidential information be handled.
The elaboration of security measures and the practical use of them: strong authentication, the applying of classification measures, the use of a firewall, the elaboration of rescue and restore procedures, the monitoring of the users' activities, preparations for unexpected incidents.
The creation of a company computer emergency response team which would consist of specialists who would work out the security system, apply its possibilities, develop the security system and be in charge of the preventing and handling of exceptional incidents.
Systematic checkups: security systems need checking up which would then bring about continuous adaptation to the changing security requirements.
2.2. Firewall, classification and identification
Besides applying security measures and monitoring, the elaboration of security systems requires a pertinent technical background. A firewall is a workstation computer the hardware and software of which enable the most perfect protection today. The features of a firewall include:
Thus, it can be said that the use of a firewall diminishes the possibility of an intrusion from without. But even the best firewall is not a solution secure enough without classification and identification measures.
Classification is considered important because the Internet allows two-way data traffic: whereas data usage and activities from without are easily monitored, the data sent out from the internal network is totally unprotected. The sent data packages and e-mail messages can be restored or accessed only by special means. (It is no wonder that every Internet manual warns the users against sending credit card numbers through the computer network.) Outgoing information must, therefore, be classified. There have been several initiatives to that purpose but, however, there is still no universally accepted standard. Both software companies and administrations are still working on it.
Strict identification measures are becoming more and more important because the conventional user/password has proved inadequate by now. By surfing for one week with the help of a password decrypting program it would be possible to decode ca. 25 per cent of (all) passwords (USA). The solution would be both local and central identification.
Taking into accout the above the most important security measures are:
But there are no security measures that could not be cheated.
Budapest, May 12, 1996 József Kiss